package cn.picclife.mwx.manager.util.filter;

import java.io.IOException;

import javax.annotation.Resource;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.web.filter.OncePerRequestFilter;

import com.alibaba.fastjson.JSON;

import cn.picclife.mwx.manager.base.BaseResult1;
import cn.picclife.mwx.manager.base.ResponseHeadDto;
import cn.picclife.mwx.manager.sys.model.po.TokenFilterErrorRes;
import cn.picclife.mwx.manager.sys.service.AccessService;
import cn.picclife.mwx.manager.sys.service.impl.AccessServiceImpl;

/**
 * @description 过滤器 
 * @author SaiZhiyi
 * @creatTime 2020年9月24日 下午2:17:27
 */
public class TokenFilter extends OncePerRequestFilter {

	private static final Log log = LogFactory.getLog(TokenFilter.class);
	
	private final static String HREAD_TOKEN = "TOKEN"; // token明文
	private final static String HREAD_TIME = "TIME_STAMP"; // 时间戳
	private final static String HREAD_MD5_TOKEN = "MD5_TOKEN"; // MD5加密token

	private final static String SYSTEM_CODE = "SYSTEM_CODE"; // 系统来源

	@Autowired
	private AccessService acessService;

	@Override
	protected void doFilterInternal(HttpServletRequest arg0, HttpServletResponse arg1, FilterChain arg2)
			throws ServletException, IOException {
		HttpServletRequest request = (HttpServletRequest) arg0;
		String url = request.getRequestURI();
		log.info(url);
		acessService = new AccessServiceImpl();
		String flag = acessService.checkUrl(url);
		if ("0".equals(flag)) { // 获取token
			arg2.doFilter(arg0, arg1);
		} else if ("1".equals(flag)) { //过滤接口
			String token = "";
			String time = "";
			String access_token = "";
			String systemId = "";
			TokenFilterErrorRes res = new TokenFilterErrorRes();
			if(request.getHeader(HREAD_MD5_TOKEN) == null){
				log.info(url+"token1"+"HREAD_MD5_TOKEN is null");
			}else{
				log.info(url+"token1"+"HREAD_MD5_TOKEN is"+request.getHeader(HREAD_MD5_TOKEN));
			}
			if(request.getHeader(HREAD_TOKEN) == null){
				log.info(url+"token1"+"HREAD_TOKEN is null");
			}else{
				log.info(url+"token1"+"HREAD_TOKEN is"+request.getHeader(HREAD_TOKEN));
			}
			if(request.getHeader(HREAD_TIME) == null){
				log.info(url+"token1"+"HREAD_TIME is null");
			}else{
				log.info(url+"token1"+"HREAD_TIME is"+request.getHeader(HREAD_TIME));
			}
			if(request.getHeader(SYSTEM_CODE) == null){
				log.info(url+"token1"+"SYSTEM_CODE is null");
			}else{
				log.info(url+"token1"+"SYSTEM_CODE is "+request.getHeader(SYSTEM_CODE));
			}
			if (request.getHeader(HREAD_MD5_TOKEN) == null || request.getHeader(HREAD_TOKEN) == null
					|| request.getHeader(HREAD_TIME) == null || request.getHeader(SYSTEM_CODE) == null
					|| StringUtils.isBlank(access_token = request.getHeader(HREAD_MD5_TOKEN))
					|| StringUtils.isBlank(token = request.getHeader(HREAD_TOKEN))
					|| StringUtils.isBlank(time = request.getHeader(HREAD_TIME))
					|| StringUtils.isBlank(systemId = request.getHeader(SYSTEM_CODE))){
				res.setResponseHeadDto(new ResponseHeadDto(BaseResult1.AUTH_ERROR, "token or systeamcode does not exist"));
				log.info("请求头未带token，请求路径为：" + url);
				log.info("反参信息:" + JSON.toJSONString(res));
				arg1.getWriter().write(JSON.toJSONString(res));
				return;
			} else {
				boolean md5flag = false;
				try {
					md5flag = acessService.checkToken(token, time, access_token, systemId);
				} catch (Exception e) {
					log.info("token验证失败" + e);
					res.setResponseHeadDto(new ResponseHeadDto(BaseResult1.SYS_ERROR, "token验证异常"));
					arg1.getWriter().write(JSON.toJSONString(res));
					return;
				}
				if (md5flag) {
					arg2.doFilter(arg0, arg1);
					return;//=============自己修改
				} else {
					res.setResponseHeadDto(new ResponseHeadDto(BaseResult1.AUTH_ERROR, "Incorrect token or Incorrect systemcode"));
					log.info("请求token验证失败");
					log.info("反参信息:" + JSON.toJSONString(res));
					arg1.getWriter().write(JSON.toJSONString(res));
					return;
				}
			}
		} else { // 非过滤接口
			arg2.doFilter(arg0, arg1);
		}
	}

}
